Software

General discussion

SSO or Identity Management

Hello. I have a question and I have been doing a lot of reading on the Internet and I am still confused so I thought I would ask everyone. I work for a community college and we are looking at a way to make it easier for teachers, staff, and students to login to different systems. Right now they have different passwords for different systems. They have their AD password to login to the domain. Then they have a username and password to login to our informational system. This is a asp.net app from a third party that users SQL. So I am tasked with looking at solutions to ease the hassle of remembering multiple usernames and passwords. The third party company does not have AD intergration. Should I be looking at things for Single Sign On or Identity Management or are they both the same? We are also looking at implementing Sharepoint to create portals. Does this make it easier or harder? Are there products anyone recommends (cheap or open-source)? We have people that access network resources from on-campus of course but also off campus (OWA) and the student information system can be accessed from on campus or off. I am just confused on the difference between SSO and Idenitity Management and which would work for web apps accessed from off campus.

All Comments

SSO versus Identity Management

SSO is a solution that allows one sign on, obviously. For example, I've had (many years)of experience using ClearTrust in conjunction with RSA Secur-Id as a very secure SSO solution.

ClearTrust (now called RSA Access Manager) is a SSO solution that works very well with web apps, since it's a web-based solution, and it supports multiple types of authentication (AD, userid/password, SecurId, certificates) and also works with about any OS or web server you can think of.

So ClearTrust would allow you to use ActiveDirectory, or SQL, or LDAP to authenticate a ASP web app..of course the third-party would have to play a part.

The nice thing about SharePoint is that it can use multiple authentication types, including Windows authentication.

By design, Active Directory and Windows is kinda-sorta is a SSO solution, but most sane individuals know that with regard to security and web apps, AD has it's limits.

To confuse everybody, SSO is a subset of Identity Management (IdM), but there's a lot more to IdM than just SSO.

Most 'Identity Management' products are provisioning solutions.

So, for example there's a product that Oracle makes called 'Oracle Identity Manager' that allows one-step provisioning of users across multiple platforms and systems. Great product.

For OWA, the best and most secure solution is a reverse-proxy SSL appliance.

Start or search

Create a new discussion

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

Post type

Subject title

Topic Tags

Select up to 3 tags (1 tag required)

Cloud

Piracy

Security

Apple

Microsoft

IT Employment

Google

Open Source

Mobility

Social Enterprise

Community

Smartphones

Operating Systems

Windows

Mac

Malware

Tablets

Networking

Browser

Hardware

Software

Web Developerment

Linux

Off Topic

Message Body

Track this discussion and email me when there are updates

Please note: Do not post advertisements, offensive material, profanity, or personal attacks. Please remember to be considerate of other members. If you're new to the TechRepublic Forums, please read our TechRepublic Forums FAQ. All submitted content is subject to our Terms Of Use.